VYPR

Photon

by Newphoria Corporation

CVEs (3)

  • CVE-2023-46055Oct 21, 2023
    risk 0.00cvss epss 0.01

    An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance Webpage" endpoint.

  • CVE-2021-22055Apr 11, 2022
    risk 0.00cvss epss 0.01

    The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.

  • CVE-2015-5637Sep 20, 2015
    risk 0.00cvss epss 0.01

    The Newphoria Photon application before 1.2 for Android allows attackers to bypass a URL whitelist protection mechanism and obtain API access via unspecified vectors.